package com.leyou.auth.controller;

import com.leyou.auth.service.UserAuthService;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

@RestController
@RequestMapping("/user")
public class UserAuthController {
    @Resource
    private UserAuthService userAuthService;

    //用户登录携带用户信息请求auth中心授权，auth创建含jwt的cookie响应用户，创建jwt时，即将用户一一对应的jti存入redis，实现登录限时
    @PostMapping("/login")
    public ResponseEntity<Void> login(
            @RequestParam("username")String username,
            @RequestParam("password")String password,
            HttpServletResponse response
    ){
        userAuthService.login(username,password,response);
        return ResponseEntity.ok().build();
    }

    //用户携带jwt请求登出，auth中心验证解析jwt有效性，有效则删除cookie及redis内容，删除cookie及创建同名的无值cookie，并将age设置为0
    @PostMapping("/logout")
    public ResponseEntity<Void> logout(HttpServletRequest request, HttpServletResponse response){
        userAuthService.logout(request, response);
        return ResponseEntity.noContent().build();
    }
}
